Search criteria
17 vulnerabilities found for coloros by oppo
CVE-2025-27387 (GCVE-0-2025-27387)
Vulnerability from cvelistv5 – Published: 2025-06-23 09:28 – Updated: 2025-06-23 12:14
VLAI?
Summary
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.
Severity ?
7.4 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T12:09:11.626527Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T12:14:46.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ColorOS",
"vendor": "OPPO",
"versions": [
{
"status": "affected",
"version": "15.0.2 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure."
}
],
"value": "OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T09:33:21.089Z",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1937080145974403072https://"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "OPPPO Clone Phone uses weak WPA passphrase as only means of security",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2025-27387",
"datePublished": "2025-06-23T09:28:08.244Z",
"dateReserved": "2025-02-24T03:04:32.845Z",
"dateUpdated": "2025-06-23T12:14:46.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26310 (GCVE-0-2023-26310)
Vulnerability from cvelistv5 – Published: 2023-08-09 06:13 – Updated: 2024-10-09 10:15
VLAI?
Summary
There is a command injection problem in the old version of the mobile phone backup app.
Severity ?
7.4 (High)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OPPO | OPPO Find X3 |
Affected:
ColorOS 12.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:41:23.160966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T15:41:34.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OPPO Find X3",
"vendor": "OPPO",
"versions": [
{
"status": "affected",
"version": "ColorOS 12.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is a command injection problem in the old version of the mobile phone backup app.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There is a command injection problem in the old version of the mobile phone backup app."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T10:15:15.657Z",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection In OPPO Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2023-26310",
"datePublished": "2023-08-09T06:13:22.055Z",
"dateReserved": "2023-02-21T23:18:21.568Z",
"dateUpdated": "2024-10-09T10:15:15.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23246 (GCVE-0-2021-23246)
Vulnerability from cvelistv5 – Published: 2022-03-11 17:54 – Updated: 2024-08-03 19:05
VLAI?
Summary
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
Severity ?
No CVSS data available.
CWE
- ID
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ACE2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ColorOS 11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "ID",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:39",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2021-23246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ACE2",
"version": {
"version_data": [
{
"version_value": "ColorOS 11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ID"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104",
"refsource": "MISC",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2021-23246",
"datePublished": "2022-03-11T17:54:39",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-08-03T19:05:54.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23244 (GCVE-0-2021-23244)
Vulnerability from cvelistv5 – Published: 2021-12-27 18:48 – Updated: 2024-08-03 19:05
VLAI?
Summary
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | OPPO Android Phone |
Affected:
OPPO Mobile phones with ColorOS 11 version
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OPPO Android Phone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OPPO Mobile phones with ColorOS 11 version"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:48:24",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2021-23244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OPPO Android Phone",
"version": {
"version_data": [
{
"version_value": "OPPO Mobile phones with ColorOS 11 version"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976",
"refsource": "MISC",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2021-23244",
"datePublished": "2021-12-27T18:48:24",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-08-03T19:05:54.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11829 (GCVE-0-2020-11829)
Vulnerability from cvelistv5 – Published: 2020-11-19 15:51 – Updated: 2024-08-04 11:42
VLAI?
Summary
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
Severity ?
No CVSS data available.
CWE
- privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | com.coloros.codebook |
Affected:
V2.0.0_5493e40_200722
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.coloros.codebook",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V2.0.0_5493e40_200722"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-19T15:51:07",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2020-11829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.coloros.codebook",
"version": {
"version_data": [
{
"version_value": "V2.0.0_5493e40_200722"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696",
"refsource": "CONFIRM",
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2020-11829",
"datePublished": "2020-11-19T15:51:07",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11828 (GCVE-0-2020-11828)
Vulnerability from cvelistv5 – Published: 2020-04-21 13:42 – Updated: 2024-08-04 11:42
VLAI?
Summary
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Color OS",
"vendor": "Oppo",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-21T13:42:04",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2020-11828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Color OS",
"version": {
"version_data": [
{
"version_value": "6"
},
{
"version_value": "7"
}
]
}
}
]
},
"vendor_name": "Oppo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033",
"refsource": "CONFIRM",
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2020-11828",
"datePublished": "2020-04-21T13:42:04",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27387 (GCVE-0-2025-27387)
Vulnerability from nvd – Published: 2025-06-23 09:28 – Updated: 2025-06-23 12:14
VLAI?
Summary
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.
Severity ?
7.4 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T12:09:11.626527Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T12:14:46.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ColorOS",
"vendor": "OPPO",
"versions": [
{
"status": "affected",
"version": "15.0.2 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure."
}
],
"value": "OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T09:33:21.089Z",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1937080145974403072https://"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "OPPPO Clone Phone uses weak WPA passphrase as only means of security",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2025-27387",
"datePublished": "2025-06-23T09:28:08.244Z",
"dateReserved": "2025-02-24T03:04:32.845Z",
"dateUpdated": "2025-06-23T12:14:46.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26310 (GCVE-0-2023-26310)
Vulnerability from nvd – Published: 2023-08-09 06:13 – Updated: 2024-10-09 10:15
VLAI?
Summary
There is a command injection problem in the old version of the mobile phone backup app.
Severity ?
7.4 (High)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OPPO | OPPO Find X3 |
Affected:
ColorOS 12.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:41:23.160966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T15:41:34.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OPPO Find X3",
"vendor": "OPPO",
"versions": [
{
"status": "affected",
"version": "ColorOS 12.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is a command injection problem in the old version of the mobile phone backup app.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There is a command injection problem in the old version of the mobile phone backup app."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T10:15:15.657Z",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection In OPPO Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2023-26310",
"datePublished": "2023-08-09T06:13:22.055Z",
"dateReserved": "2023-02-21T23:18:21.568Z",
"dateUpdated": "2024-10-09T10:15:15.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23246 (GCVE-0-2021-23246)
Vulnerability from nvd – Published: 2022-03-11 17:54 – Updated: 2024-08-03 19:05
VLAI?
Summary
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
Severity ?
No CVSS data available.
CWE
- ID
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ACE2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ColorOS 11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "ID",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:39",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2021-23246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ACE2",
"version": {
"version_data": [
{
"version_value": "ColorOS 11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ID"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104",
"refsource": "MISC",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2021-23246",
"datePublished": "2022-03-11T17:54:39",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-08-03T19:05:54.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23244 (GCVE-0-2021-23244)
Vulnerability from nvd – Published: 2021-12-27 18:48 – Updated: 2024-08-03 19:05
VLAI?
Summary
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.
Severity ?
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | OPPO Android Phone |
Affected:
OPPO Mobile phones with ColorOS 11 version
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:54.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OPPO Android Phone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "OPPO Mobile phones with ColorOS 11 version"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:48:24",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2021-23244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OPPO Android Phone",
"version": {
"version_data": [
{
"version_value": "OPPO Mobile phones with ColorOS 11 version"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976",
"refsource": "MISC",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2021-23244",
"datePublished": "2021-12-27T18:48:24",
"dateReserved": "2021-01-08T00:00:00",
"dateUpdated": "2024-08-03T19:05:54.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11829 (GCVE-0-2020-11829)
Vulnerability from nvd – Published: 2020-11-19 15:51 – Updated: 2024-08-04 11:42
VLAI?
Summary
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
Severity ?
No CVSS data available.
CWE
- privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | com.coloros.codebook |
Affected:
V2.0.0_5493e40_200722
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.coloros.codebook",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V2.0.0_5493e40_200722"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-19T15:51:07",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2020-11829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.coloros.codebook",
"version": {
"version_data": [
{
"version_value": "V2.0.0_5493e40_200722"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696",
"refsource": "CONFIRM",
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2020-11829",
"datePublished": "2020-11-19T15:51:07",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11828 (GCVE-0-2020-11828)
Vulnerability from nvd – Published: 2020-04-21 13:42 – Updated: 2024-08-04 11:42
VLAI?
Summary
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Color OS",
"vendor": "Oppo",
"versions": [
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-21T13:42:04",
"orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"shortName": "OPPO"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@oppo.com",
"ID": "CVE-2020-11828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Color OS",
"version": {
"version_data": [
{
"version_value": "6"
},
{
"version_value": "7"
}
]
}
}
]
},
"vendor_name": "Oppo"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033",
"refsource": "CONFIRM",
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695",
"assignerShortName": "OPPO",
"cveId": "CVE-2020-11828",
"datePublished": "2020-04-21T13:42:04",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-08-04T11:42:00.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2023-26310
Vulnerability from fkie_nvd - Published: 2023-08-09 07:15 - Updated: 2024-11-21 07:51
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
There is a command injection problem in the old version of the mobile phone backup app.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oppo:coloros:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F6662C-4DFE-43AB-B92C-36A49B040148",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:oppo:find_x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0D0DF9-7303-4E1D-98EE-C4AAA6ADDA57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection problem in the old version of the mobile phone backup app."
}
],
"id": "CVE-2023-26310",
"lastModified": "2024-11-21T07:51:06.170",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 3.7,
"source": "security@oppo.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-09T07:15:10.150",
"references": [
{
"source": "security@oppo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1684402464721477632"
}
],
"sourceIdentifier": "security@oppo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "security@oppo.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-23246
Vulnerability from fkie_nvd - Published: 2022-03-11 18:15 - Updated: 2024-11-21 05:51
Severity ?
Summary
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oppo:coloros:11:*:*:*:*:*:*:*",
"matchCriteriaId": "720FF3AC-0354-4E6E-B73D-B9BCEE86CCFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:oppo:ace2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F75FA403-684A-4C26-80A2-C102EFAC404D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure."
},
{
"lang": "es",
"value": "En ACE2 ColorOS11, el atacante puede obtener el nombre del paquete en primer plano mediante la promoci\u00f3n de permisos, resultando en una divulgaci\u00f3n de informaci\u00f3n del usuario"
}
],
"id": "CVE-2021-23246",
"lastModified": "2024-11-21T05:51:26.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-11T18:15:09.650",
"references": [
{
"source": "security@oppo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1502209104851247104"
}
],
"sourceIdentifier": "security@oppo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-23244
Vulnerability from fkie_nvd - Published: 2021-12-27 19:15 - Updated: 2024-11-21 05:51
Severity ?
Summary
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oppo:coloros:11:*:*:*:*:android:*:*",
"matchCriteriaId": "C77E7576-E97F-4FD8-93EB-ECC36EFF1760",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
},
{
"lang": "es",
"value": "ColorOS preconcede permisos peligrosos a las aplicaciones que figuran en una lista blanca xml denominada default-grant-permissions.Pero algunas aplicaciones de la lista blanca no est\u00e1n instaladas, el atacante puede disfrazar la aplicaci\u00f3n con el mismo nombre de paquete para obtener permisos peligrosos"
}
],
"id": "CVE-2021-23244",
"lastModified": "2024-11-21T05:51:26.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-27T19:15:08.107",
"references": [
{
"source": "security@oppo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
}
],
"sourceIdentifier": "security@oppo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11829
Vulnerability from fkie_nvd - Published: 2020-11-19 16:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oppo:coloros:2.0.0_5493e40_200722:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC3D24C-8553-4851-9AA0-F9B0EA2B81DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722."
},
{
"lang": "es",
"value": "Una carga din\u00e1mica de servicios en el SDK de copia de seguridad y restauraci\u00f3n conlleva a una escalada de privilegios, el producto afectado es com.coloros.codebook versi\u00f3n V2.0.0_5493e40_200722"
}
],
"id": "CVE-2020-11829",
"lastModified": "2024-11-21T04:58:43.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-19T16:15:10.440",
"references": [
{
"source": "security@oppo.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1328876061836189696"
}
],
"sourceIdentifier": "security@oppo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-11828
Vulnerability from fkie_nvd - Published: 2020-04-21 14:15 - Updated: 2024-11-21 04:58
Severity ?
Summary
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oppo:coloros:-:*:*:*:*:*:*:*",
"matchCriteriaId": "364D0530-68D3-4564-8328-B45C4631C253",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."
},
{
"lang": "es",
"value": "En ColorOS (sistema operativo de telefon\u00eda m\u00f3vil oppo, basado en c\u00f3digo surfaceflinger.CPP de position/services/surfaceflinger del frameworks/native de AOSP), RGB es definido en la pila (stack) pero no es inicializado, por eso cuando la funci\u00f3n screenShot en la asignaci\u00f3n del valor de RGB, no inicializar\u00e1 el valor que es devuelto a los atacantes, conllevando a que unos valores en la pila filtren informaci\u00f3n, la vulnerabilidad puede ser usada para omitir la funcionalidad ALSR por los atacantes."
}
],
"id": "CVE-2020-11828",
"lastModified": "2024-11-21T04:58:42.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-21T14:15:11.223",
"references": [
{
"source": "security@oppo.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"
}
],
"sourceIdentifier": "security@oppo.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}